[Microsoft][ODBC Driver 17 for SQL Server][SQL Server]Cannot open server 'testdbsqlserver2' requested by the login. Client with IP address '40.119.236.175' is not allowed to access the server.
I cannot connect my server to my web app.
[Microsoft][ODBC Driver 17 for SQL Server][SQL Server]Cannot open server 'testdbsqlserver2' requested by the login. Client with IP address '40.119.236.175' is not allowed to access the server.
You can solve the above error by following below process:
Firstly, Open Azure Portal
Then click on your SQL server.
Click the networking property under Security Section.
Then add a firewall rule and give a name ans the IP Address 40.119.236.175
You can give start and end the same IP address .
Related
I am trying to retrieve data from a table located in a postgresql database hosted on azure VM. I would like to inject this data into an Azure SQL Database. I set up the self hosted integration runtime. Since the Vm hosting my DB is a linux VM, i have setup self-hosted IR on windows VM and using that I am able to connect to DB and copy the data to ABS location without any problem but when I try to copy the same data to SQL database, I am getting following error:
ErrorCode=SqlFailedToConnect,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,Message=Cannot connect to SQL Database: 'XXX', Database: 'XXX', User: 'XXX'. Check the linked service configuration is correct, and make sure the SQL Database firewall allows the integration runtime to access.,Source=Microsoft.DataTransfer.ClientLibrary,''Type=System.Data.SqlClient.SqlException,Message=A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.),
Source=.Net SqlClient Data Provider,SqlErrorNumber=10060,Class=20,ErrorCode=-2146232060,State=0,Errors=[{Class=20,Number=10060,State=0,Message=A network-related or instance-specific error occurred while establishing a connection to SQL Server. ...
After searching about I opened the inbound and outbound traffic for port 1433 on machine which is hosting IR and and outbound traffic for port 1433 on machine which is hosting the database but I am still getting the same error.
Any idea what am I missing here?
I managed to solve the problem. As per azure documentation here, if we are trying to connect to SQL database from within Azure cloud then we need to open communication to port range 11000-11999. We need to put this port range in network security list for outbound connections.
I have Azure app and SQL Database.SQL URL like jdbc:sqlserver://xxxxx.database.windows.net:1433;databaseName=xxxxx that one try connect my local tomcat,its successfully connected.but when try connected from Azure app,I am getting exception
[org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (JCA PoolFiller) IJ000610: Unable to fill pool: java:jboss/DB/DS: javax.resource.ResourceException: IJ031084: Unable to create connection
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1320)
at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.fillTo(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1136)
at org.jboss.jca.core.connectionmanager.pool.mcp.PoolFiller.run(PoolFiller.java:97)
at java.lang.Thread.run(Thread.java:748)
Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Cannot open server "App-server" requested by the login. The login failed.
but i can't use from azure app server (VM) from sql Database
Do you mean you application hosting on Azure VM?
If I understand it correctly, you should add Azure VM's public IP address to sql server firewall.
Via Azure portal to add VM's IP address:
Also you should add port 1433 to VM's NSG inbound rules and OS firewall settings.
Please make sure you have set On the "Allow access to Azure services" setting on Azure portal for the Azure SQL database or its logical server. Please see below image.
You need to also specify the user#database on the connection string. Please read here for more details on how to build the connection string.
I have created successfully a Hybrid Connection (ServerA) and linked it to my Azure Web App. The status is successfully connected: ServerB:1010 is defined
On My On Premise machine (ServerA) I can connect to a HTTP Service which is running on ServerB:1010 but I can't install the Hybrid Connection Manager on ServerB because of other restrictions.
If I Use WebClient.UploadData('ServerB:1010', data[]) in my Azure Web App I receive following error.
Unable to connect to the remote server ---> System.Net.Sockets.SocketException: An attempt was made to access a socket in a way forbidden by its access permissions.
If I connect to a database server MySql or Oracle which are also accessible from this server I don't have any problems
I have created successfully a Hybrid Connection (ServerA) and linked it to my Azure Web App.
Remove it and add a Hybrid Connection to Server B instead. Install the Hybrid Connection Manager on Server A. The HCM will act as a reverse proxy.
Hybrid Connections do not care which server has the HCM installation as long as that server can reach the DNS name you specify in the New > Hybrid Connection Portal blade.
Example traffic flow for WebClient.UploadData('ServerB:1010', data[]):
Web App ---> Hybrid Connection ---> HCM on Server A ---> 1010/TCP on Server B.
<--- <--- <---
There's an easier way to test. Open the Kudu console and do
tcpping ServerB:1010
CORRECTION: The tcpping test is very misleading since you're handshaking the Azure-end of the Hybrid Connection, not the on-prem application's TCP endpoint. And that may happily reply to you even though the on-prem stuff is not connected. Here's what i mean:
Always test at application layer (e.g. with curl.exe http://webservice.corp.local from the Kudu Console)
You must use names instead of IP addresses. Use the full FQDN to reference ServerA and ServerB both in the Portal setup and in your code. Hybrid Connections work by intercepting DNS calls at OS level and resolving them to the magic 127.0.0.x which is then routed over the Hybrid Connection to on-prem.
TL;DR version:
Instead of
10.10.10.2:1010
use
ServerB.domain.local:1010
both in the Portal setup and when referencing the on-prem host in your code.
Here's what happens if you use an IP Address instead of name:
In Kudu's DebugConsole:
D:\home>nameresolver 192.168.0.4
Server: Default
Non-authoritative answer:
Name: 192.168.0.4
Addresses: 127.0.0.3
D:\home>tcpping 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Complete: 0/4 successfull attempts (0%). Average success time: 0ms
D:\home>curl -s 192.168.0.4
This is iisstart.htm from IIS 8.5 on Windows Server 2012 R2, on-prem.
So depending on what APIs you call (APIs that take 192.168.0.4 as FQDN vs IP Address) it kinda works.
You can't use tcpping with Hybrid Connections. It doesn't really tell you anything. All that tells you is that you hit the local socket that will catch your TCP traffic headed to your HC endpoint. It doesn't actually go through the connection.
As far as using an IPv4 address with Hybrid Connections, it can work and yet sometimes it won't. The reason for that is that the feature functions by catching the DNS request. If you are using a client library in your application code that doesn't do a DNS lookup on IP addresses then it won't go over the Hybrid Connection.
The DNS name must resolve to the correct IP address from the host(s) where you have the Hybrid Connection Manager running.
Going to the original question, you need a Hybrid Connection defined for your endpoint of ServerB port 1010. The DNS name used for ServerB must resolve from the host(s) running the HCM. Your HCM needs network access to ServerB port 1010 and to Azure. Your status says Connected which means that your web app can talk to your Hybrid Connection Manager for that endpoint. So, test connectivity from the host running the HCM to your desired host:port endpoint. Use a DNS name if you can. I hope this unblocks you.
I'm trying to connect Azure's SQL database via SQL Server 2008 R2 SP2. I'm using Azure with free trial subscription. I already search everywhere and tried these things:
Allow inbounds and outbounds rule in windows firewall for port 1433
Check that TCP connections in SQL Server Configuration Manager is available and running on port 1433
Create server and database on azure portal and configure its ip allowance
I connect with these settings
Server Type: Database Engine
Server Name: tcp:aaa.database.windows.net,1433 / aaa.database.windows.net
Login: bbb#aaa
Password: xxx
And the error is
"A network-related or instance-specific error occurred while
establishing a connection to SQL Server.
The server was not found or was not accessible. Verify that the
instance name is correct and that SQL Server is configured to allow
remote connections.
(provider: TCP Provider, error: 0 - A connection attempt failed
because the connected party did not properly respond after a period of
time, or established connection failed because connected host has
failed to respond) (Microsoft SQL Server, Error: 10060)"
P.S. I also can't ping xxx.database.windows.net and can't telnet xxx.database.windows.net 1433
Your question is confusing, as you're talking about both SQL Server and SQL Database. But, given the connection strings you mentioned (xxx.database.windows.net) you are definitely talking about SQL Database service, not SQL Server in a VM.
That said: You must allow certain IP addresses to connect to it (this is a built-in part of the service itself). Look at the SQL Database server's Firewall setting:
You'll need to add the IP address of your computer (or IP range), to access SQL Database through your local tools.
I am working on a local machine (ASP.NET MVC 4 application) but now I want to start using the company's SQL server so I need to change the Connection string in order to connect me to that remote server.
The set up is this:
I have a VPN connection where I use an IP address, can't show the exact IP so let's say - xxx.xxx.xxx.xxx
I have username and password in order to connect to VPN - VPNUsername/VPNPassword
When I use Microsoft SQL Server Management Studio to connect to the remote server I use the same IP that I use to connect to the VPN - xxx.xxx.xxx.xxx
I have different username and password for the SQL Server - SQLUsername/SQLPassword
I have an existing connection string that I use to connect to the server on my PC so I thought it would be enough to just change the parameters there like so :
<add name="ProjectName.DAL.MyDbContext"
providerName="System.Data.SqlClient"
connectionString="Data Source=xxx.xxx.xxx.xxx;
Initial Catalog=DatabaseName;Integrated Security=True;
MultipleActiveResultSets=True;
user id=SQLUsername;password=SQLPassword;App=EntityFramework" />
So the changes from the connection string that works and connects me to my local server are two:
Data Source= xxx.xxx.xxx.xxx - I'm using the IP. Here I wonder if the IP itself is sufficinet. Should I use http://xxx.xxx.xxx.xxx or just IP is ok?
user id=SQLUsername;pasword=SQLPassword - I'm using the same Username and Password as in the Management studio from where I can connect successfully to the remove server by providing the xxx.xxx.xxx.xxx as Server name and using SQLUsername/SQLPassword under SQL Server Authentincation.
So to be clear - under Management Studio I have no problems connecting to the remote server. However, when I change the connection string to what I posted above in my HomeController where I have very simple logic just to check that the call to the database is executed :
private MyDbContext db = new MyDbContext();
//
// GET: /Home/
public ActionResult Index()
{
return View(db.Users.ToList());
}
I get 3 exceptions:
SqlException (0x80131904): Login failed for user 'VPNUsername'
ProviderIncompatibleException: The provider did not return a ProviderManifestToken string.
ProviderIncompatibleException: An error occurred while getting provider information from the database. This can be caused by Entity Framework using an incorrect connection string.
So besides that in my opinion and as the number 3 exception tells that the problem is in the way I'm using the connection string what concerns me is also the Number 1 exception that says that login is failed but not for my SQLUsername but for the VPNUsername. As I said - I'm really using VPN connection and I use the same IP - xxx.xxx.xxx.xxx to connect both to the VPN and the SQL Server(From Management Studio).
Any idea how to resolve this?
Remove Integrated Security=True from your connection string as you're trying to connect with a SQL Server username/password